Lightweight authenticated encryption for embedded on-chip systems

ABSTRACT

Embedded systems are now routinely deployed in critical infrastructures, so their security is increasingly important. This, combined with the pressing requirement to deploy massive numbers of low-cost and low-energy embedded devices, stimulates the evolution of lightweight cryptography and other green-computing security mechanisms. New crypto-primitives are being proposed that offer moderate security and produce compact implementations. In this article, we present a lightweight authenticated encryption scheme based on the integrated hardware implementation of the lightweight block cipher PRESENT and the lightweight hash function SPONGENT. This combination of a cipher and a hash function is appropriate for implementing authenticated encryption schemes that are commonly utilized in one-way and mutual authentication protocols. We exploit the inner structure of the two primitives to identify hardware elements usable by both, thus reducing the circuit's size. The integrated versions demonstrate a 27% reduction in hardware area compared to the simple combination of the two primitives. The resulting solution is ported to a field-programmable gate array (FPGA), and a complete security application with input/output through a universal asynchronous receiver/transmitter (UART) gate is created. In comparison with similar implementations in hardware and software, the proposed scheme compares favorably overall.
